Re: [gnutls-dev] Fixing OpenPGP keyring import

[Ludovic Courtès]

Hi,

Timo Schulz <address@hidden> writes:

> Actually that's not true, maybe the code does not work in the used
> CDK release, but the keydb code has the ability to automatically
> decode base64 files which are used as
>       CDK_DBTYPE_PK_KEYRING.

Yes, but my patch uses `CDK_DBTYPE_PK_DATA' because the data comes from
a user-provided buffer, not from a file.  In this case,
`cdk_keydb_new ()' just creates a temporary stream from the user buffer,
without leaving the opportunity set/clear that stream's armor flag.

> As I said before, this is usually not needed. The both format which
> are possible: raw, base64 should be supported.
> If the opencdk version gnutls currently uses, does not support to
> push the de-armor filter automatically, I guess it's the best idea to
> fix it in keydb.c.

It would be best to at least have the ability to not rely on automatic
detection of the format, especially since callers pass a FORMAT
argument.

>>   2. providing a new function, say `cdk_keydb_from_stream ()', where one
>>      can pass an arbitrary stream as the keyring source.
>
> This might be a useful function and I will consider it.

That would allow `gnutls_openpgp_keyring_import ()' to support both
base64 and raw in a straightforward way.

Are you considering implementing it in a future version?

>> thereby fixing our problem.  It would also have the advantage of not
>> breaking OpenCDK's ABI.  `cdk_keydb_new ()' could then be rewritten in
>
> ..if the only reason for the new code is that base64 data is not supported,

Then what?  :-)

It seems that your message got somehow stripped.

Thanks,
Ludovic.